Crimes and P2P Networks

P2P networks are intended to connect hosts on the Internet so that they can exchange files directly. Technically, this is a nice and smart idea, but it takes control away from authorities and digital content owners.

One of the most discussed kinds of P2P crime is the violation of intellectual property rights; books, multimedia and software are all subjects of this type of crime. With a P2P network, one can search for and find other peers that have, or pretend to have, the files that he or she needs. Searching the net reveals that there are many cases against P2P companies and developers, such as GRANT T. STANLEY [CyberCrime.gov, 2006].

The distribution of malware, viruses, worms and exploits is another important issue, and its complexity is completely different from that of intellectual property issues. Computer-literate users know that downloaded files might contain malware that security software cannot recognize. Malware might be buried under a bulk of installation files of the real software, and a forged setup file might release it. I tried to search for a specific piece of software and found many files with the same identification but different sizes! Therefore, you can easily deduce that at least one of them carries the malware.
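The mismatch described above can be checked mechanically. The following is an added example, not part of the original post: it assumes search results are available as eMule-style ed2k file links (name, size, content hash), and the sample links, file names and the `trusted` reference value are all constructed.

```python
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample search results in ed2k link form:
# ed2k://|file|<name>|<size in bytes>|<32-hex content hash>|/
SAMPLE_LINKS = [
    "ed2k://|file|ExampleTool-2.1-setup.exe|4821504|" + "a" * 32 + "|/",
    "ed2k://|file|ExampleTool-2.1-setup.exe|4821504|" + "a" * 32 + "|/",
    "ed2k://|file|exampletool-2.1-setup.exe|5120332|" + "b" * 32 + "|/",
    "ed2k://|file|ExampleTool-2.1-setup.exe|4821504|" + "c" * 32 + "|/",
    "ed2k://|file|Other%20Doc.pdf|1024|" + "d" * 32 + "|/",
    "not-a-link",
]

def parse_ed2k(link):
    """Return (name, size, hash), or None if the link is malformed."""
    parts = link.strip().split("|")
    if len(parts) < 6 or parts[0] != "ed2k://" or parts[1] != "file":
        return None
    name, size, digest = unquote(parts[2]), parts[3], parts[4].lower()
    if not size.isdigit() or len(digest) != 32 or set(digest) - set("0123456789abcdef"):
        return None
    return name, int(size), digest

def variants_by_name(links):
    """Map case-folded file name -> set of distinct (size, hash) contents."""
    groups = defaultdict(set)
    for link in links:
        parsed = parse_ed2k(link)
        if parsed:
            name, size, digest = parsed
            groups[name.casefold()].add((size, digest))
    return dict(groups)

def triage(links, trusted):
    """Label every variant of a name that has conflicting contents."""
    # trusted: name -> (size, hash) obtained from the publisher out of band
    # (hypothetical input; the post does not describe such a source).
    report = {}
    for name, variants in variants_by_name(links).items():
        if len(variants) < 2 and name not in trusted:
            continue  # one content under one name, nothing to compare
        for size, digest in sorted(variants):
            ok = trusted.get(name) == (size, digest)
            report[(name, size, digest)] = "matches-reference" if ok else "unverified"
    return report
```

One constructed variant has the same size as the reference but a different hash, which a size-only comparison would miss.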

Another type of such criminal activity is expediting the distribution of paparazzi content. A few months ago, very private films of one of the famous actresses in Iran were distributed over the net through P2P systems; this led to a lawsuit against the perpetrator, and he was sentenced to be executed!

Although there is no control over P2P services like eMule, which is fully distributed over the Internet with no central managing organization, precautionary measures must be taken to reduce the chance of criminal activity. In P2P systems there are huge numbers of files and transmission streams that cannot be logged centrally, and file fragments might be downloaded from a multitude of other nodes, which makes it quite difficult to rely on log files while investigating a case. Therefore, live capture of network traffic and the cooperation of the ISP are also required. Moreover, it might be possible to pose as a client and communicate with the suspect in order to keep the criminal busy, so that police can act at the same time and capture the perpetrator while the crime is happening.

A challenging part of the investigation is that the digital information cannot be reconstructed in a way that can be used in the courtroom. Therefore, investigators should be able to collect enough data to establish strong incriminating evidence.

Another important part of the investigation to consider is that ISPs should cooperate in it. They might ask for official documents, such as warrants, that allow investigators to examine the network or capture the required network traffic silently.

Depending on the conditions of the case, investigators might need to travel abroad or ask very remote ISPs to cooperate with them; they would obviously need network investigation warrants from the ISP’s local jurisdiction. As we have discussed this week, we might not be able to get the required warrants from some countries, and they might not cooperate in the investigation; therefore, we might not be able to reach the perpetrator at all.

According to my research, most of the P2P cases were followed by prosecution of the P2P developers or companies. Many P2P companies and individuals have been sentenced because of their law-breaking innovations: Napster, BitTorrent, Kazaa and many others.

I believe a standardized P2P can solve the problem when it is supported by controlling mechanisms that allow each ISP to watch P2P network traffic, analyze the traffic easily and warn its client if the content is not allowed to be transferred. One might argue that we cannot recognize and analyze all of the network's traffic; nonetheless, I think we can develop new mechanisms of digital content sharing in which the delivered content is watermarked in such a way that detection software can distinguish between legal and illegal files and notify the administrators of the ISP.